
Information Systems Security Officer - Must Have Top Secret Clearance

Job Description


View more Careers at
EPSILON 
Follow us on: LinkedIn | Twitter | google+
 Information System Security Officer (ISSO)
 
Security Clearance required: Top Secret with SCI Eligibility
US Citizenship Required
Location: Washington, DC
URL: www.epsilon-inc.com/careers
 
Position Summary: The ISSO is embedded in the implementation and lifecycle stages of assigned systems and serves as point of contact on all matters of cybersecurity.

Position Responsibilities:
  • Collaborate with NS3 System Administrators for remediation on all aspects of security.
  • Configuration Management (CM)/Portfolio Management for NS3 assigned classified systems, including actively participating in Configuration Management for assigned system(s) and coordinating with CM on hardware and software approvals for assigned system(s); reporting vulnerabilities (Risk Assessment Report and Plan of Action and Milestones (POA&Ms)) through Enterprise Mission Assurance Support Service (eMASS) as required for remediation action; coordinating system security requirements with system administrators; and assisting with development, maintenance, and tracking of the System Security Plan (SSP) and with POA&M development, tracking, and resolution.
  • Identify resources, milestones, and estimated completion dates to the POA&Ms as required for compliance.
  • Report remediation task requirements with system administrators' feedback.
  • Maintain and report NS3's systems Accreditation and Authorization status and any associated risk issues.
  • Ensure all information system security related documentation is current and accessible to properly authorized individuals.
  • Develop, track, resolve, and maintain the Security Plan for NS3 assigned systems.
  • Create and manage POA&M entries and ensure vulnerabilities are properly tracked, mitigated, and resolved.
  • Maintain the Security Technical Implementation Guide (STIG) Test Plan to include new applicable STIG versions released on a quarterly basis.
  • Review and update STIGs with the System Administrators.
  • Provide deltas from the previous STIG to NS3's Operations Management for testing and update STIG checklist.
  • Assist with identification of security control baseline set and any applicable overlays.  Coordinate security control validation.
  • Oversee cybersecurity testing to assess security controls. Record security control compliance status. Oversee initial risk assessment and the recording in the Security Assessment Report (SAR) of the deficiency and risk level.
  • Facilitate remediation actions on the non-compliant security control findings from the SAR and reassess remediation control(s).
  • Assess periodically the quality of security control implementation against performance indicators.
  • Plan and perform cybersecurity testing to assess security controls and record security control compliance status during sustainment.
  • Identify and analyze system malfunctions with a view towards security incidents and/or violations.
  • Identify and monitor system administrators' Privileged User access.
  • Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and procedures as outlined in the accreditation and certification support documentation package.
  • Submit mitigation plans prior to the due date for those assets requesting implementation extensions.
  • Enforce Vulnerability Management Policy and Procedures to minimize risk exposure.
  • Certify audit trails are conducted and reviewed, and appropriate records management is maintained.
  • Support the development and maintenance of technical documentation and Standard Operating Procedures (SOPs). 
  • Execute the security Assessment and Authorization (A&A) process for Risk Management Framework (RMF) requirements. 
  • Support the Information System Security Manager with site accreditation/reaccreditation process.
  • Perform updates to RMF accreditation documentation for assigned systems.
  • Prepare and submit classified spillages/incident responses.
  • Support the development of cyber security technical roadmaps. Serve as a cyber security thought leader.
Essential Skills, Experience, and Certifications:
  • US Citizenship is a requirement of this position in accordance with 8 U.S.C. § 1324b(a)(2)(C)
  • “Active” Top Secret with eligibility to obtain Sensitive Compartmented Information (SCI) Clearance.
  • A Bachelor's degree (or equivalent experience) in Computer Science, Information Systems, Engineering, Business, or a scientific or technical discipline, plus 10 years' experience.
  • Must possess one of the following DoD level III Security professional certifications: GIAC Certified Incident Handler (GCIH), GIAC Information Security Expert (GSE), GIAC Security Leadership (GSLC), Security Certified Network Architect (SCNA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), and/or Certified Information Systems Auditor (CISA).
  • Information Technology Infrastructure Library (ITIL) 4 Foundation certification must be completed within 6 months.
  • Expertise and knowledge with the Committee on National Security Systems (CNSS) Instruction No. 1253, National Institute of Standards and Technology, Federal Information System Management Act 2014, Privacy Act of 1947, and implementing systems that contain Sensitive Information.
  • Minimum of 5 years with DISA Security Technical Implementation Guide (STIG), RMF and NIST 800-53 knowledge and experience.
  • Demonstrate strong knowledge of cybersecurity principles and NS3 requirements relevant to the confidentiality, integrity, availability, and authentication of systems operating in a classified environment.
  • Proven leadership experience in security and technical risk. 
  • Experience in cyber security architecture and design.
  • Understanding of cyber security framework and NIST Risk Management Framework (RMF).
  • Effective problem solving and analytical skills; ability to work well under pressure.
  • Clear and effective verbal and written communication skills.
  • Highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues.
  • Excellent communications, teamwork, leadership and conflict management skills.
  • Desire and commitment for continuous learning to recognize new cyber vulnerabilities.
  • Applies current computer science technologies to the development, evaluation, and integration of computer systems and networks to maintain system security for classified information systems.
  • Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
  • DESIRED SKILLS: Must have 7-10 years of professional experience in a medium to large size organization with complex networks.
Physical Demands and Work Environment:
The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  • Physical Demands: While performing the duties of this job, this position requires the ability to sit for potentially long periods of time throughout the workday. Hearing sufficient to understand conversations, both in person and on the telephone. Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components for potentially long periods of time without experiencing abnormal hand, wrist, or eye strain. Occasional inspection of cables in floors and ceilings. Lifting and transporting moderately heavy objects, such as computers and peripherals. Must be able to lift up to 50 pounds.
  • Work Environment: Includes a typical office environment, with minimal exposure to excessive noise or adverse environmental issues, including exposure to heat, cold, inclement weather conditions, and occasional environmental hazards. Local, regional, and national travel may be required.
 
Epsilon Benefits:
Medical, Dental, Vision Plan
AD&D and Life Insurance
Paid Federal Holidays
Paid Time Off
401(k) Retirement Plan
Education reimbursement
Referral Bonuses
 
 

Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets.
 
If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone 828-398-5414 or by email careers@epsilon-inc.com.
 
 


Job Snapshot

Location US-DC-Washington
Employment Type Full-Time
Pay Type Hour
Pay Rate N/A
Store Type IT & Technical

Company Overview

Epsilon, Inc.

Working at Epsilon: Epsilon’s core values of Consideration, Simplicity, and Improvement are the pillars of who we are and how our team members operate. Whether you are working at our headquarters in Weaverville, NC or on a Government site across the nation, we treat each other with respect and consideration, value the ideas and ingenuity of our team members and appreciate each other’s work style. Our team members build bridges across departments, think beyond the status quo, and develop creative solutions.
